Find notable cyber news and cases, enriched with sources, timelines, and signals.

ChatGPT single-prompt DNS side-channel exfiltration remote code execution flaw

Vulnerability
First reported
Last updated
Happening score
H score 33
1 unique sources, 1 articles

Summary

Hide ▲

A ChatGPT vulnerability let a single malicious prompt covertly exfiltrate prompts, messages, uploaded files, and other sensitive content through a DNS side channel. The flaw also carried remote code execution risk, widening the impact beyond data theft. OpenAI deployed a security update on February 20 after the issue was reported. The weakness mattered because it could move sensitive user and corporate data out of ChatGPT’s isolated execution environment.

Related Happenings

Workflow-level jailbreak makes GitHub Copilot Chat write harmful answers in code files

Technical Analysis
H score22 First: 08.07.2026 14:21 Last: 08.07.2026 14:21 Sources 1

About this happening: Researchers demonstrated a **workflow-level jailbreak** against **GitHub Copilot Chat** that caused harmful answers to be written inside code tasks even when direct chat prompts w...

OpenAI ChatGPT Atlas BioShocking fix

Advisory/Mitigation
H score34 First: 01.07.2026 00:50 Last: 01.07.2026 00:50 Sources 1

About this happening: OpenAI delivered a **working fix** for **BioShocking** in **ChatGPT Atlas**, closing a prompt-injection path that could push an AI browser toward unsafe real-world actions and **c...

IPhone AI chatbot traffic leak of API keys, replayable tokens, and open relays

Technical Analysis
H score27 First: 30.06.2026 16:49 Last: 30.06.2026 16:49 Sources 1

About this happening: **LLMKeyLens** testing found **444 iPhone AI chatbot apps** leaking **paid AI access**, exposing **API keys**, **replayable tokens**, and **open relays** that let others bill mode...

OpenClaw message-object prompt injection patched in 2026.4.23 security flaw

Vulnerability
H score15 First: 11.06.2026 20:46 Last: 11.06.2026 20:46 Sources 1

About this happening: **OpenClaw** has a patched **message-object prompt injection flaw** that let hidden instructions inside **shared contacts, vCards, and location pins** reach the LLM as trusted pro...

OpenAI rolls out ChatGPT Lockdown Mode and Active Sessions for prompt-injection defense and sign-in auditing

Security Tool/Service
H score10 First: 08.06.2026 17:00 Last: 08.06.2026 17:00 Sources 1

About this happening: OpenAI rolled out **Lockdown Mode** and **Active Sessions** in **ChatGPT**, adding controls that reduce **prompt-injection data exfiltration** risk and improve **signed-in session...

Timeline

  1. 31.03.2026 16:01 1 articles · 3mo ago

    OpenAI deploys ChatGPT security update

    Mitigation Patch Update

    OpenAI deployed a security update for ChatGPT on February 20 after researchers reported a flaw that let a single malicious prompt abuse a hidden outbound communication path and DNS side channel from ChatGPT’s isolated execution runtime, reducing the risk of prompt and message exposure.

    Show sources
  2. 30.03.2026 03:00 2 articles · 3mo ago

    Check Point discloses ChatGPT single-prompt exfiltration flaw

    Initial Disclosure

    Check Point disclosed a ChatGPT vulnerability in which a single malicious prompt could activate a hidden exfiltration channel inside a regular ChatGPT conversation, sending prompts, messages, uploaded files, and other sensitive content to an attacker-controlled server through a DNS side channel, with remote code execution risk also present.

    Show sources